
What do I need?
* Metasploit – (can be found on BackTrack 4-R2). Download here
* SendEmail + SMTP details – (SendEmail can be found on BackTrack 4-R2). Download sendemail here
* URL shortener service – (can be found using an internet search engine).

Method
* Start network services and obtain an IP address
* Start Metasploit and configure file_autopwn
* Wait for the web server to become active
* Browse the available files and view the information for the chosen one
* Discover the program's homepage and download information
* Create masked URLs
* Socially engineer an email to the target containing all the information
* Wait for the target to download the file and load it in the program
* Game Over

Walk-through
The attacker approaches this attack differently: instead of targeting the operating system (OS) itself, they attack a desktop application installed on it by using a collection of "file exploits".

To start, the attacker launches Metasploit and locates the file_autopwn module. After examining the required options, the attacker enters all the details that are needed. Once this is done, the attacker sets Metasploit to work: it generates a batch of malicious files and then starts a web server, which is going to be used as the delivery method.

The attacker visits the web server themselves to see what is available. After choosing the program "fatplayer", they decide to increase their chance of success by finding the program's homepage so they can pass this information on to the target, which makes it "nice and easy" for the target to download and run.
However, the attacker needs to make sure that they point the target at a vulnerable version of the program, so they check what information is given about the file exploit.

The attacker chooses to socially engineer the target by sending them an email with a link to the file setup and a brief description. To help increase success, the attacker masks the URLs of both files by using URL shortening services. Once the target clicks on the shortened link, they are automatically redirected to the "longer URL".
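From the receiving side, the weakness of this trick is that a shortened link can be expanded before anyone clicks it. The following script is an added defensive example, not code from the original post or from Metasploit: it pulls links out of an email body, flags hosts on a (hypothetical, user-maintained) shortener list, and follows the redirect chain one hop at a time with HEAD requests so the real destination is revealed without fetching the file. The sample email and the redirect table are constructed for the example; the `http_head_location` resolver is the one to use against live links.

```python
"""Expand shortened links in an email before trusting them (added example)."""
import re
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlparse

# Hypothetical shortener list; extend it to match what your mail gateway sees.
SHORTENER_HOSTS = {"bit.ly", "tinyurl.com", "goo.gl", "t.co", "is.gd"}
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def extract_urls(text):
    """Return every http(s) link found in the text, in order of appearance."""
    return URL_RE.findall(text)


def is_shortener(url):
    """True when the link's host is a known URL-shortening service."""
    return urlparse(url).hostname in SHORTENER_HOSTS


def http_head_location(url, timeout=5):
    """Live resolver: one HEAD request, returning the Location header or None.

    Redirects are deliberately not followed by urllib so each hop is visible
    and nothing beyond the headers is downloaded.
    """
    class NoRedirect(urllib.request.HTTPRedirectHandler):
        def redirect_request(self, req, fp, code, msg, headers, newurl):
            return None

    opener = urllib.request.build_opener(NoRedirect)
    req = urllib.request.Request(url, method="HEAD")
    try:
        with opener.open(req, timeout=timeout) as resp:
            return resp.headers.get("Location")
    except urllib.error.HTTPError as err:
        if 300 <= err.code < 400:
            return err.headers.get("Location")
        return None


def resolve_chain(url, fetch_location=http_head_location, max_hops=10):
    """Follow redirects hop by hop; returns the list of URLs visited.

    Stops on a loop, on a non-redirect response, or after max_hops.
    """
    chain = [url]
    seen = {url}
    for _ in range(max_hops):
        nxt = fetch_location(chain[-1])
        if nxt is None:
            break
        nxt = urljoin(chain[-1], nxt)  # handle relative Location headers
        chain.append(nxt)
        if nxt in seen:  # redirect loop: record it and stop
            break
        seen.add(nxt)
    return chain


def inspect_email(body, fetch_location=http_head_location):
    """Report each link, whether it was shortened, and where it really leads."""
    report = []
    for url in extract_urls(body):
        shortened = is_shortener(url)
        chain = resolve_chain(url, fetch_location) if shortened else [url]
        report.append({"url": url, "shortened": shortened,
                       "final": chain[-1], "hops": len(chain) - 1})
    return report


# Constructed sample email and an offline redirect table standing in for the
# shortener's real answers, so the example runs without network access.
SAMPLE_EMAIL = """Hi, the new player build is here: http://bit.ly/abc123
Full details on the homepage: http://example.com/player/"""

FAKE_REDIRECTS = {"http://bit.ly/abc123": "http://example.net/files/download"}


def fake_fetch(url):
    return FAKE_REDIRECTS.get(url)


if __name__ == "__main__":
    for entry in inspect_email(SAMPLE_EMAIL, fake_fetch):
        print(entry)
```

Running it on the constructed email shows the shortened link resolving to a host that never appears in the message text, which is exactly the signal a mail filter or a cautious recipient should act on before downloading anything.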

The attacker then simply waits to see whether the target "falls for it" and opens the exploit file... which the target does. =)

Notes:
* You will need to find/use your own SMTP details.
* You can use any number of URL shortening services.
* You could have used any of the files generated by Metasploit.
* You could have attached the file instead of linking to it in the email (see here for an example); however, a lot of email services now have anti-virus checking built in...